Index: head/security/snort3/Makefile =================================================================== --- head/security/snort3/Makefile (revision 533393) +++ head/security/snort3/Makefile (revision 533394) @@ -1,72 +1,72 @@ # Created by: Mark Felder # $FreeBSD$ PORTNAME= snort -DISTVERSION= 3.0.0-270 +DISTVERSION= 3.0.1-2 PORTEPOCH= 1 CATEGORIES= security PKGNAMESUFFIX= 3 MAINTAINER= bofh@FreeBSD.org COMMENT= Lightweight network intrusion detection system LICENSE= GPLv2 LICENSE_FILE= ${WRKSRC}/LICENSE LIB_DEPENDS= libpcre.so:devel/pcre \ libdnet.so:net/libdnet \ libpcap.so:net/libpcap \ libluajit-5.1.so:lang/luajit \ libhwloc.so:devel/hwloc \ libuuid.so:misc/e2fsprogs-libuuid \ libdaq.so:net/libdaq USES= cmake compiler:c++14-lang cpe localbase pathfix pkgconfig shebangfix ssl iconv USE_GITHUB= yes GH_ACCOUNT= snort3 GH_PROJECT= snort3 SHEBANG_FILES= tools/appid_detector_builder.sh OPTIONS_DEFINE= ADDRESSSANITIZER DEBUG DOCS FLATBUFFERS LARGEPCAP PIE THREADSANITIZER STATICDAQ OPTIONS_DEFINE_amd64= HYPERSCAN TSC OPTIONS_DEFAULT= STATICDAQ OPTIONS_DEFAULT_amd64= HYPERSCAN ADDRESSSANITIZER_DESC= Enable address sanitizer FLATBUFFERS_DESC= Enable flatbuffers support HYPERSCAN_DESC= Enable high-performance regular expression lib LARGEPCAP_DESC= Enable support for pcaps larger than 2 GB PIE_DESC= Enable PIE (Broken) STATICDAQ_DESC= Link static DAQ modules THREADSANITIZER_DESC= Enable thread sanitizer TSC_DESC= Use timestamp counter register clock (x86 only) ADDRESSSANITIZER_CMAKE_BOOL= ENABLE_ADDRESS_SANITIZER DEBUG_CMAKE_BOOL= ENABLE_COREFILES ENABLE_GDB DOCS_CMAKE_BOOL= MAKE_HTML_DOC MAKE_PDF_DOC MAKE_TEXT_DOC LARGEPCAP_CMAKE_BOOL= ENABLE_LARGE_PCAP PIE_CMAKE_BOOL= ENABLE_PIE STATICDAQ_CMAKE_BOOL= ENABLE_STATIC_DAQ THREADSANITIZER_CMAKE_BOOL= ENABLE_THREAD_SANITIZER TSC_CMAKE_BOOL= ENABLE_TSC_CLOCK FLATBUFFERS_LIB_DEPENDS=libflatbuffers.so:devel/flatbuffers HYPERSCAN_LIB_DEPENDS= libhs.so:devel/hyperscan CONFLICTS= snort-2* .include .if ${PORT_OPTIONS:MHYPERSCAN} PLIST_SUB+= HYPERSCAN="" .else PLIST_SUB+= HYPERSCAN="@comment " .endif post-patch: ${REINPLACE_CMD} -e 's|_LIBDIR}/pkgconfig|_PREFIX}/libdata/pkgconfig|g' \ ${WRKSRC}/cmake/create_pkg_config.cmake .include Index: head/security/snort3/distinfo =================================================================== --- head/security/snort3/distinfo (revision 533393) +++ head/security/snort3/distinfo (revision 533394) @@ -1,3 +1,3 @@ -TIMESTAMP = 1585861636 -SHA256 (snort3-snort3-3.0.0-270_GH0.tar.gz) = 06e127240c9c234b17f9ff22469dd21651374fac0fec8fceea9849a108bb3499 -SIZE (snort3-snort3-3.0.0-270_GH0.tar.gz) = 6537334 +TIMESTAMP = 1587732085 +SHA256 (snort3-snort3-3.0.1-2_GH0.tar.gz) = 651a5dfe98d27d76fba10e217a53bf184a36ce3a22a970b32c0bc9292dc13e17 +SIZE (snort3-snort3-3.0.1-2_GH0.tar.gz) = 6546507 Index: head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.h =================================================================== --- head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.h (revision 533393) +++ head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.h (nonexistent) @@ -1,25 +0,0 @@ ---- src/host_tracker/host_cache_allocator.h.orig 2020-04-04 02:00:30 UTC -+++ src/host_tracker/host_cache_allocator.h -@@ -44,6 +44,22 @@ class HostCacheAlloc : public std::allocator (prote - HostCacheInterface* lru = 0; - }; - -+template -+T* HostCacheAlloc::allocate(std::size_t n) -+{ -+ size_t sz = n * sizeof(T); -+ T* out = std::allocator::allocate(n); -+ lru->update(sz); -+ return out; -+} -+ -+template -+void HostCacheAlloc::deallocate(T* p, std::size_t n) noexcept -+{ -+ size_t sz = n * sizeof(T); -+ std::allocator::deallocate(p, n); -+ lru->update(-(int) sz); -+} - - // Trivial derived allocator, pointing to their own host cache. - // HostCacheAllocIp has a HostCacheInterface* pointing to an lru cache Property changes on: head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.h ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.cc =================================================================== --- head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.cc (revision 533393) +++ head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.cc (nonexistent) @@ -1,26 +0,0 @@ ---- src/host_tracker/host_cache_allocator.cc.orig 2020-04-04 01:57:20 UTC -+++ src/host_tracker/host_cache_allocator.cc -@@ -24,23 +24,6 @@ - #include "host_cache.h" - - template --T* HostCacheAlloc::allocate(std::size_t n) --{ -- size_t sz=n*sizeof(T); -- T* out=std::allocator::allocate(n); -- lru->update(sz); -- return out; --} -- --template --void HostCacheAlloc::deallocate(T* p, std::size_t n) noexcept --{ -- size_t sz = n*sizeof(T); -- std::allocator::deallocate(p, n); -- lru->update( -(int) sz); --} -- --template - HostCacheAllocIp::HostCacheAllocIp() - { - lru = &host_cache; Property changes on: head/security/snort3/files/patch-src_host__tracker_host__cache__allocator.cc ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/snort3/files/patch-src_main_analyzer.cc =================================================================== --- head/security/snort3/files/patch-src_main_analyzer.cc (revision 533393) +++ head/security/snort3/files/patch-src_main_analyzer.cc (revision 533394) @@ -1,20 +1,20 @@ ---- src/main/analyzer.cc.orig 2020-03-25 14:13:20 UTC +--- src/main/analyzer.cc.orig 2020-04-23 16:12:51 UTC +++ src/main/analyzer.cc -@@ -95,7 +95,7 @@ class RetryQueue (public) +@@ -96,7 +96,7 @@ class RetryQueue (public) RetryQueue(unsigned interval_ms) { assert(interval_ms > 0); - interval = { interval_ms / 1000, static_cast((interval_ms % 1000) * 1000) }; + interval = { static_cast(interval_ms / 1000), static_cast( (interval_ms % 1000) * 1000 )}; } ~RetryQueue() -@@ -546,7 +546,7 @@ void Analyzer::idle() +@@ -552,7 +552,7 @@ void Analyzer::idle() struct timeval now, increment; unsigned int timeout = SnortConfig::get_conf()->daq_config->timeout; packet_gettimeofday(&now); - increment = { timeout / 1000, static_cast((timeout % 1000) * 1000) }; + increment = { static_cast(timeout / 1000), static_cast((timeout % 1000) * 1000) }; timeradd(&now, &increment, &now); packet_time_update(&now); Index: head/security/snort3/files/patch-src_network__inspectors_appid_appid__config.h =================================================================== --- head/security/snort3/files/patch-src_network__inspectors_appid_appid__config.h (nonexistent) +++ head/security/snort3/files/patch-src_network__inspectors_appid_appid__config.h (revision 533394) @@ -0,0 +1,13 @@ +--- src/network_inspectors/appid/appid_config.h.orig 2020-04-28 22:50:18 UTC ++++ src/network_inspectors/appid/appid_config.h +@@ -65,8 +65,8 @@ class AppIdConfig (public) + uint32_t first_decrypted_packet_debug = 0; + #endif + bool log_stats = false; +- unsigned long app_stats_period = 300; +- unsigned long app_stats_rollover_size = 0; ++ uint32_t app_stats_period = 300; ++ uint32_t app_stats_rollover_size = 0; + const char* app_detector_dir = nullptr; + std::string tp_appid_path = ""; + std::string tp_appid_config = ""; Property changes on: head/security/snort3/files/patch-src_network__inspectors_appid_appid__config.h ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/snort3/pkg-plist =================================================================== --- head/security/snort3/pkg-plist (revision 533393) +++ head/security/snort3/pkg-plist (revision 533394) @@ -1,272 +1,273 @@ bin/appid_detector_builder.sh bin/snort bin/snort2lua bin/u2boat bin/u2spewfoo %%ETCDIR%%/balanced.lua %%ETCDIR%%/connectivity.lua %%ETCDIR%%/file_magic.lua %%ETCDIR%%/inline.lua %%ETCDIR%%/max_detect.lua %%ETCDIR%%/security.lua %%ETCDIR%%/snort.lua %%ETCDIR%%/snort_defaults.lua %%ETCDIR%%/talos.lua include/snort/actions/actions.h include/snort/codecs/codec_module.h include/snort/daqs/daq_user.h include/snort/decompress/file_decomp.h include/snort/detection/detect.h include/snort/detection/detect_trace.h include/snort/detection/detection_engine.h include/snort/detection/detection_options.h include/snort/detection/detection_util.h include/snort/detection/ips_context.h include/snort/detection/ips_context_chain.h include/snort/detection/ips_context_data.h include/snort/detection/regex_offload.h include/snort/detection/rule_option_types.h include/snort/detection/rules.h include/snort/detection/signature.h include/snort/detection/treenodes.h include/snort/events/event.h include/snort/events/event_queue.h include/snort/file_api/file_api.h include/snort/file_api/file_capture.h include/snort/file_api/file_config.h include/snort/file_api/file_flows.h include/snort/file_api/file_identifier.h include/snort/file_api/file_lib.h include/snort/file_api/file_module.h include/snort/file_api/file_policy.h include/snort/file_api/file_segment.h include/snort/file_api/file_service.h include/snort/flow/expect_cache.h include/snort/flow/flow.h +include/snort/flow/flow_data.h include/snort/flow/flow_key.h include/snort/flow/flow_stash.h include/snort/flow/ha.h include/snort/flow/stash_item.h include/snort/framework/api_options.h include/snort/framework/base_api.h include/snort/framework/bits.h include/snort/framework/codec.h include/snort/framework/connector.h include/snort/framework/counts.h include/snort/framework/cursor.h include/snort/framework/data_bus.h include/snort/framework/decode_data.h include/snort/framework/endianness.h include/snort/framework/inspector.h include/snort/framework/ips_action.h include/snort/framework/ips_option.h include/snort/framework/logger.h include/snort/framework/lua_api.h include/snort/framework/module.h include/snort/framework/mpse.h include/snort/framework/mpse_batch.h include/snort/framework/parameter.h include/snort/framework/range.h include/snort/framework/so_rule.h include/snort/framework/value.h include/snort/hash/ghash.h include/snort/hash/hash_defs.h include/snort/hash/hash_key_operations.h include/snort/hash/hashes.h %%HYPERSCAN%%include/snort/helpers/hyper_scratch_allocator.h %%HYPERSCAN%%include/snort/helpers/hyper_search.h include/snort/hash/lru_cache_shared.h include/snort/hash/xhash.h include/snort/helpers/base64_encoder.h include/snort/helpers/boyer_moore_search.h include/snort/helpers/literal_search.h include/snort/helpers/scratch_allocator.h include/snort/host_tracker/host_cache.h include/snort/host_tracker/host_cache_allocator.h include/snort/host_tracker/host_cache_interface.h include/snort/host_tracker/host_tracker.h include/snort/log/log.h include/snort/log/log_text.h include/snort/log/messages.h include/snort/log/obfuscator.h include/snort/log/text_log.h include/snort/log/u2_packet.h include/snort/log/unified2.h include/snort/lua/snort_config.lua include/snort/lua/snort_plugin.lua include/snort/main/analyzer_command.h include/snort/main/policy.h include/snort/main/snort_config.h include/snort/main/snort_debug.h include/snort/main/snort_types.h include/snort/main/thread.h +include/snort/main/trace.h include/snort/managers/codec_manager.h include/snort/managers/inspector_manager.h include/snort/mime/decode_b64.h include/snort/mime/decode_base.h include/snort/mime/file_mime_config.h include/snort/mime/file_mime_context_data.h include/snort/mime/file_mime_decode.h include/snort/mime/file_mime_log.h include/snort/mime/file_mime_paf.h include/snort/mime/file_mime_process.h include/snort/network_inspectors/appid/appid_api.h +include/snort/network_inspectors/appid/appid_app_descriptor.h include/snort/network_inspectors/appid/appid_dns_session.h include/snort/network_inspectors/appid/appid_http_session.h include/snort/network_inspectors/appid/appid_session_api.h include/snort/network_inspectors/appid/appid_types.h include/snort/network_inspectors/appid/application_ids.h -include/snort/network_inspectors/appid/http_xff_fields.h include/snort/network_inspectors/appid/tp_appid_module_api.h include/snort/network_inspectors/appid/tp_appid_session_api.h include/snort/network_inspectors/appid/tp_appid_types.h include/snort/network_inspectors/packet_tracer/packet_tracer.h include/snort/network_inspectors/reputation/reputation_common.h include/snort/network_inspectors/rna/rna_logger.h include/snort/packet_io/active.h include/snort/packet_io/sfdaq.h include/snort/packet_io/sfdaq_instance.h include/snort/profiler/memory_context.h include/snort/profiler/memory_defs.h include/snort/profiler/memory_profiler_defs.h include/snort/profiler/profiler.h include/snort/profiler/profiler_defs.h include/snort/profiler/rule_profiler_defs.h include/snort/profiler/time_profiler_defs.h include/snort/protocols/arp.h include/snort/protocols/cisco_meta_data.h include/snort/protocols/eapol.h include/snort/protocols/eth.h include/snort/protocols/gre.h include/snort/protocols/icmp4.h include/snort/protocols/icmp6.h include/snort/protocols/ip.h include/snort/protocols/ipv4.h include/snort/protocols/ipv4_options.h include/snort/protocols/ipv6.h include/snort/protocols/layer.h include/snort/protocols/linux_sll.h include/snort/protocols/mpls.h include/snort/protocols/packet.h include/snort/protocols/packet_manager.h include/snort/protocols/protocol_ids.h include/snort/protocols/ssl.h include/snort/protocols/tcp.h include/snort/protocols/tcp_options.h include/snort/protocols/teredo.h include/snort/protocols/token_ring.h include/snort/protocols/udp.h include/snort/protocols/vlan.h include/snort/protocols/wlan.h include/snort/pub_sub/appid_events.h include/snort/pub_sub/cip_events.h include/snort/pub_sub/daq_message_event.h include/snort/pub_sub/data_decrypt_event.h include/snort/pub_sub/expect_events.h include/snort/pub_sub/finalize_packet_event.h include/snort/pub_sub/http_events.h include/snort/pub_sub/sip_events.h include/snort/search_engines/search_common.h include/snort/search_engines/search_tool.h include/snort/sfip/sf_cidr.h include/snort/sfip/sf_ip.h include/snort/sfip/sf_returns.h include/snort/stream/paf.h include/snort/stream/stream.h include/snort/stream/stream_splitter.h include/snort/target_based/snort_protocols.h include/snort/time/clock_defs.h include/snort/time/packet_time.h include/snort/time/stopwatch.h -include/snort/utils/bitop.h include/snort/utils/boyer_moore.h include/snort/utils/cpp_macros.h include/snort/utils/endian.h include/snort/utils/event_gen.h include/snort/utils/infractions.h include/snort/utils/kmap.h include/snort/utils/memcap_allocator.h include/snort/utils/util_ber.h include/snort/utils/primed_allocator.h include/snort/utils/safec.h include/snort/utils/segment_mem.h include/snort/utils/sflsq.h include/snort/utils/stats.h include/snort/utils/util.h include/snort/utils/util_cstring.h include/snort/utils/util_jsnorm.h include/snort/utils/util_unfold.h include/snort/utils/util_utf.h lib/snort/daqs/daq_file.so lib/snort/daqs/daq_hext.so libdata/pkgconfig/snort.pc %%PORTDOCS%%%%DOCSDIR%%/README.u2boat %%PORTDOCS%%%%DOCSDIR%%/active.txt %%PORTDOCS%%%%DOCSDIR%%/appid.txt %%PORTDOCS%%%%DOCSDIR%%/basic.txt %%PORTDOCS%%%%DOCSDIR%%/binder.txt %%PORTDOCS%%%%DOCSDIR%%/building.txt %%PORTDOCS%%%%DOCSDIR%%/builtin.txt %%PORTDOCS%%%%DOCSDIR%%/byte_extract.txt %%PORTDOCS%%%%DOCSDIR%%/byte_jump.txt %%PORTDOCS%%%%DOCSDIR%%/byte_math.txt %%PORTDOCS%%%%DOCSDIR%%/byte_test.txt %%PORTDOCS%%%%DOCSDIR%%/codec.txt %%PORTDOCS%%%%DOCSDIR%%/commands.txt %%PORTDOCS%%%%DOCSDIR%%/concepts.txt %%PORTDOCS%%%%DOCSDIR%%/config.txt %%PORTDOCS%%%%DOCSDIR%%/config_changes.txt %%PORTDOCS%%%%DOCSDIR%%/connector.txt %%PORTDOCS%%%%DOCSDIR%%/connectors.txt %%PORTDOCS%%%%DOCSDIR%%/counts.txt %%PORTDOCS%%%%DOCSDIR%%/daq.txt %%PORTDOCS%%%%DOCSDIR%%/data.txt %%PORTDOCS%%%%DOCSDIR%%/dcerpc.txt %%PORTDOCS%%%%DOCSDIR%%/differences.txt %%PORTDOCS%%%%DOCSDIR%%/enviro.txt %%PORTDOCS%%%%DOCSDIR%%/errors.txt %%PORTDOCS%%%%DOCSDIR%%/extending.txt %%PORTDOCS%%%%DOCSDIR%%/features.txt %%PORTDOCS%%%%DOCSDIR%%/file_processing.txt %%PORTDOCS%%%%DOCSDIR%%/ftp.txt %%PORTDOCS%%%%DOCSDIR%%/gids.txt %%PORTDOCS%%%%DOCSDIR%%/help.txt %%PORTDOCS%%%%DOCSDIR%%/high_availability.txt %%PORTDOCS%%%%DOCSDIR%%/http_inspect.txt %%PORTDOCS%%%%DOCSDIR%%/http2_inspect.txt %%PORTDOCS%%%%DOCSDIR%%/inspector.txt %%PORTDOCS%%%%DOCSDIR%%/ips_action.txt %%PORTDOCS%%%%DOCSDIR%%/ips_option.txt %%PORTDOCS%%%%DOCSDIR%%/logger.txt %%PORTDOCS%%%%DOCSDIR%%/module_trace.txt %%PORTDOCS%%%%DOCSDIR%%/modules.txt %%PORTDOCS%%%%DOCSDIR%%/options.txt %%PORTDOCS%%%%DOCSDIR%%/overview.txt %%PORTDOCS%%%%DOCSDIR%%/params.txt %%PORTDOCS%%%%DOCSDIR%%/perf_monitor.txt %%PORTDOCS%%%%DOCSDIR%%/plugins.txt %%PORTDOCS%%%%DOCSDIR%%/pop_imap.txt %%PORTDOCS%%%%DOCSDIR%%/port_scan.txt %%PORTDOCS%%%%DOCSDIR%%/reference.txt %%PORTDOCS%%%%DOCSDIR%%/reload_limitations.txt %%PORTDOCS%%%%DOCSDIR%%/sensitive_data.txt %%PORTDOCS%%%%DOCSDIR%%/side_channel.txt %%PORTDOCS%%%%DOCSDIR%%/signals.txt %%PORTDOCS%%%%DOCSDIR%%/smtp.txt %%PORTDOCS%%%%DOCSDIR%%/snort2lua.txt %%PORTDOCS%%%%DOCSDIR%%/snort2lua_cmds.txt %%PORTDOCS%%%%DOCSDIR%%/snort2x.png %%PORTDOCS%%%%DOCSDIR%%/snort3x.png %%PORTDOCS%%%%DOCSDIR%%/snort_manual.html %%PORTDOCS%%%%DOCSDIR%%/snort_manual.pdf %%PORTDOCS%%%%DOCSDIR%%/snort_manual.text %%PORTDOCS%%%%DOCSDIR%%/snort_manual.txt %%PORTDOCS%%%%DOCSDIR%%/snorty.png %%PORTDOCS%%%%DOCSDIR%%/style.txt %%PORTDOCS%%%%DOCSDIR%%/telnet.txt %%PORTDOCS%%%%DOCSDIR%%/terms.txt %%PORTDOCS%%%%DOCSDIR%%/testing_numerical_values.txt %%PORTDOCS%%%%DOCSDIR%%/tutorial.txt %%PORTDOCS%%%%DOCSDIR%%/usage.txt %%PORTDOCS%%%%DOCSDIR%%/version.txt %%PORTDOCS%%%%DOCSDIR%%/wizard.txt